03/07/2018

Why You Can't Afford to Rely on Difficult Security Tools

by David Wagner

What if the single biggest security threat your organization faced were internal? A major survey revealed that 63 percent of respondents consider an accidental breach to be their primary security concern, followed closely by someone falling for a phishing attack or intentionally mishandling data. Tellingly, only 41 percent of respondents trust users with sensitive data all the time.

While employees aren’t usually reckless or knowingly unsafe, the problem is often that the most effective security solutions are the most difficult to use, resulting in limited onboarding across industries. Public key infrastructure (PKI) encryption, for example, uses a digital “key” to encrypt messages and transactions while authenticating the recipient. This solution offers excellent granular protection, but the steps it requires on both ends (administrator and end user) ultimately prevented its wide use.

Security tools that create obstacles, slow down workflows, and frustrate end users are bound to foster workarounds that can compromise data, resulting in hefty fees, long-term penalties, and public scorn for a company. Thus, organizations, especially in highly regulated industries like healthcare and finance, need to figure out how far users are prepared to go — realistically and in their daily efforts — to support a cybersecurity strategy. They can then implement solutions that foreground ease of use inasmuch as they do protection, because the two shouldn’t be mutually exclusive objectives.

The Zix Approach to Accessibility

Solving this problem of accessibility requires a combination of education and tools. Users must understand how big the threat is to the organization and what practices/policies to follow; and the tools themselves should be intuitive, user-friendly, and adaptable.

That’s why we build accessibility into each of our solutions, especially ZixEncrypt. We believe providing email encryption that is both secure and easy-to-use is critical to providing the strongest protection of email data. And, in fact, here are a few of the areas we prioritize in our service that address both ease of use and comprehensive protection:

• Automatic Email Scanning. To help employees maintain normal workflows and turn their attention to job responsibilities without being distracted by security efforts, our automatic scanning and filtering encrypts sensitive emails without necessitating user action. Not only does this tool eliminate the possibility of human error, it also streamlines and formalizes encryption efforts.

• Convenient Email Delivery. Inasmuch as your employees should be able to work in a secure and hassle-free environment, your customers and partners should, too. ZixEncrypt automatically decrypts secured emails for recipients using the same platform and simplifies the decryption process for recipients using a different platform through a simple two-step process, removing much of the difficulty and confusion and fostering greater security.

• Dynamic Security Platform. A security solution should prioritize user-friendliness by learning from the users themselves. For instance, our work over the past 18 years with thousands of healthcare customers has helped us refine our email filters. Individual organizations can also tweak their own filters with our solutions to better fit their requirements. We can then apply policies based on the content of the email and its attachment to balance security and ease of use.

• Streamlined Mobile Experience. Mobile devices such as phones and tablets have revolutionized the workplace — both in terms of where people work and when they work — and revolutionized email. Over the past three years, mobile email opens have increased 180 percent. Given users’ heavy reliance on mobile devices, implementing a security platform like ZixEncrypt that streamlines the mobile experience by making mobile deliver convenient and secure is essential.

Cybersecurity should be a certainty without becoming an obstruction, and while most cybersecurity providers focus on offering ironclad protections, we take it a step further, working to optimize those protections with technology, accessibility, flexibility, and comprehensiveness. Because only those organizations that foreground both protection and ease of use will find themselves most protected in this new year.

David Wagner has more than 25 years of experience in the IT security industry. He serves as the President and Chief Executive Officer of Zix, a leader in email security, and previously held leadership roles at Entrust for 20 years. With his IT security and leadership background, David offers a business perspective that enables company leaders to better understand evolving cyberattacks and prepare for future threats.